Android App Could Remotely Hijack an Airplane

Security consultant Hugo Teso rocked the tech world this week when he gave a talk illustrating how you could hijack a plane using an Android app. At the Hack In The Box Conference in Amsterdam, Teso, who is both a security expert and a trained pilot, demonstrated a remote attack on the computer of a virtual airplane’s computer by using a radio transmitter, software and an Android app.

Teso calls his app PlaneSpoilt and his mission in creating it is to demostrate to the aviation industry the potential security threat that exist in airplane computer systems. Here is more about how the app works from Net-Security:

The user interface is divided by its main functions which are self-explanatory: discovery, information gathering, exploitation and post exploitation. The attacker can click on any active airplane and is receives its identification, current location and final destination. In case a nearby airplane system is exploitable (a number of vulnerability vectors mentioned, not much details provided), the application alerts the user via an in-application alert or a push message.

For more technical details, Teso posted these background notes on his own blog. (Via NPR.)

Publish date: April 12, 2013 © 2020 Adweek, LLC. - All Rights Reserved and NOT FOR REPRINT